/*
package com.gancp.common.security;

import com.gancp.cache.CommonCacheUtil;
import com.gancp.common.constants.Constants;
import com.gancp.vo.UserSessionVo;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.List;

*/
/**
 * Created by GCP on 2018/1/21.
 * <p>
 * spring-secyrity 预授权配置类
 *//*

@Slf4j
public class RestPreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {
    private List<String> noneSecurityList;

    @Autowired
    private CommonCacheUtil commonCacheUtil;

    // spring路径匹配器
    private AntPathMatcher matcher = new AntPathMatcher();

    public RestPreAuthenticatedProcessingFilter(List<String> noneSecurityList, CommonCacheUtil commonCacheUtil) {
        this.noneSecurityList = noneSecurityList;
        this.commonCacheUtil = commonCacheUtil;
    }

    */
/******
     * 获取用户凭证
     * *****//*

    @Override
    protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
        GrantedAuthority[] authorities = new GrantedAuthority[1];
        // 无需过滤的url
        if (isNoneSecurityPath( request.getRequestURI().toString() ) || "OPTIONS".equals( request.getMethod() )) {

            // 随意设置一个角色  返回用户信息
            GrantedAuthority authority = new SimpleGrantedAuthority( "ROLE_SOME" );
            authorities[0] = authority;
            return new RestAuthenticationToken( Arrays.asList( authorities ) );
        }
        // 需要检测token 以及 检测app版本
        String appVersion = request.getHeader( Constants.RESP_VERSION_KEY );
        String token = request.getHeader( Constants.UREQUEST_TOKEN_KEY );

        if (appVersion == null) {
            request.setAttribute( "header-error", "400" );
        }
        // 检测app版本通过的用户传过来的token
        if (request.getAttribute( "header-error" ) == null) {
            try {
                if (!StringUtils.isBlank( token )) {
                    Object ue = commonCacheUtil.getUserByToken( token );
                    if (ue instanceof UserSessionVo) {
                        GrantedAuthority authority = new SimpleGrantedAuthority( "BIKE_CLIENT" );
                        authorities[0] = authority;
                        RestAuthenticationToken authToken = new RestAuthenticationToken( Arrays.asList( authorities ) );
                        authToken.setUserElement( (UserSessionVo) ue );
                        return authToken;
                    }
                    {
                        // token 不正确
                        request.setAttribute( "header-error", "401" );
                    }
                } else {
                    log.warn( "got no token  from reauest header" );
                    // token  不存在 告诉移动端需要登录
                    request.setAttribute( "header-error", "401" );
                }
            } catch (Exception e) {
                log.error( "fail to authenticate user", e );
            }
        } else {
            GrantedAuthority authority = new SimpleGrantedAuthority( "ROLE_NONE" );
            authorities[0] = authority;
        }
        RestAuthenticationToken authToken = new RestAuthenticationToken( Arrays.asList( authorities ) );
        return authToken;
    }

    private boolean isNoneSecurityPath(String url) {
        boolean result = false;
        if (noneSecurityList != null) {
            for (String pattern : noneSecurityList) {
                if (matcher.match( pattern, url )) {
                    result = true;
                    break;
                }
            }
        }
        return result;
    }

    */
/*****
     * 获取用户信息
     * ******//*

    @Override
    protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {
        return null;
    }
}
*/
